2 ===================================================================
3 --- IkiWiki.pm (revision 2981)
4 +++ IkiWiki.pm (working copy)
6 memoize("file_pruned");
8 sub defaultconfig () { #{{{
9 - wiki_file_prune_regexps => [qr/\.\./, qr/^\./, qr/\/\./,
10 + wiki_file_prune_regexps => [qr/\.\./, qr/^\.(?!htaccess)/, qr/\/\.(?!htaccess)/,
11 qr/\.x?html?$/, qr/\.ikiwiki-new$/,
12 qr/(^|\/).svn\//, qr/.arch-ids\//, qr/{arch}\//],
13 wiki_link_regexp => qr/\[\[(?:([^\]\|]+)\|)?([^\s\]#]+)(?:#([^\s\]]+))?\]\]/,
16 This lets the site administrator have a `.htaccess` file in their underlay
17 directory, say, then get it copied over when the wiki is built. Without
18 this, installations that are located at the root of a domain don't get the
19 benefit of `.htaccess` such as improved directory listings, IP blocking,
20 URL rewriting, authorisation, etc.
22 > I'm concerned about security ramifications of this patch. While ikiwiki
23 > won't allow editing such a .htaccess file in the web interface, it would
24 > be possible for a user who has svn commit access to the wiki to use it to
25 > add a .htaccess file that does $EVIL.
27 > Perhaps this should be something that is configurable via the setup file